EASM mistakes waiting to happen
JR0ch17
January 25, 2022
Transcript
EASM mistakes waiting to happen
GET /whoami HTTP/2
• Jasmin Landry
• JR0ch17
• Lead, IT & Security at
• Montreal Canadiens fan

GET /agenda HTTP/2
• EASM
• Common mistakes
• Hacker perspective

GET /EASM HTTP/2
• What exactly is EASM?
• What does it cover?
• Why is it important?

GET /common_mistakes HTTP/2
• Lack of Change Management
• Not respecting Least Privilege
• Misconfigured WAFs
• Cloud misconfigs (S3 buckets)

GET /hacker_perspective HTTP/2
Recon EVERYTHING
• Subdomains
• IPs
• TLS certificates
• Third-party apps
Continuous Monitoring
• Monitor for new assets
• Monitor any change
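
The continuous-monitoring slide above, sketched as an added example that is not part of the original deck: two inventory snapshots are compared per asset class so that new assets and any change to a known asset surface as findings. The snapshot layout, attribute names and all sample values are assumptions constructed for illustration.

```python
"""Diff two external-asset inventory snapshots (all sample data is constructed)."""

# Asset classes come from the slide; the snapshot layout is an assumption.
ASSET_CLASSES = ("subdomains", "ips", "tls_certificates", "third_party_apps")

# Constructed baseline: each class maps an asset name to its observed attributes.
BASELINE = {
    "subdomains": {"www.example.com": {"cname": None},
                   "shop.example.com": {"cname": "shops.saas.example.net"}},
    "ips": {"203.0.113.10": {"open_ports": [443]}},
    "tls_certificates": {"www.example.com": {"sha256": "aa11",
                                             "not_after": "2022-06-01"}},
    "third_party_apps": {"helpdesk": {"owner": "support"}},
}

# Constructed later snapshot: one new subdomain, one extra open port,
# a replaced certificate, and a third-party app that disappeared.
CURRENT = {
    "subdomains": {"www.example.com": {"cname": None},
                   "shop.example.com": {"cname": "shops.saas.example.net"},
                   "staging.example.com": {"cname": None}},
    "ips": {"203.0.113.10": {"open_ports": [443, 8080]}},
    "tls_certificates": {"www.example.com": {"sha256": "bb22",
                                             "not_after": "2023-06-01"}},
    "third_party_apps": {},
}


def diff_snapshots(old, new):
    """Return (kind, asset_class, name, changed_attributes) findings."""
    findings = []
    for cls in ASSET_CLASSES:
        before, after = old.get(cls, {}), new.get(cls, {})
        for name in sorted(after.keys() - before.keys()):
            findings.append(("new", cls, name, None))
        for name in sorted(before.keys() - after.keys()):
            findings.append(("removed", cls, name, None))
        for name in sorted(before.keys() & after.keys()):
            attrs = before[name].keys() | after[name].keys()
            changed = sorted(a for a in attrs
                             if before[name].get(a) != after[name].get(a))
            if changed:
                findings.append(("changed", cls, name, changed))
    return findings


if __name__ == "__main__":
    for finding in diff_snapshots(BASELINE, CURRENT):
        print(finding)
```

Each finding is something to reconcile against change-management records: an asset or change with no matching approved change is the case the "common mistakes" slide warns about.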

GET /thanks HTTP/2
• Thank you for listening
• Questions?
• More questions? DMs are open on and